It has been a turbulent year of devastating ransomware attacks (e.g. NotPetya) and gut-wrenching breaches (e.g. Equifax). Undoubtedly, the question on everyone’s mind is, “what’s in store for us in the New Year?” Webroot’s top 10 cybersecurity predictions for 2018 covers everything from ransomware and breaches to mobile, cryptocurrency, and government.We’ve grouped our predictions to help you navigate this glimpse into one possible cybersecurity future.

Malware will get smarter and threats more serious.

Malware campaigns will use AI to make secondary infection decisions based on what they’ve learned from previous campaigns. – Gary Hayslip, chief information security officer

We will see the first health-related ransomware targeting devices like pacemakers. – Eric Klonowski, sr. advanced threat research analyst

We haven’t seen the last of breaches.

I predict a minimum of 3 separate breaches of at least 100 million accounts each. I’d be willing to bet the data has already been compromised, but the affected organizations won’t learn of the breach until next year. – Tyler Moffitt, sr. advanced threat research analyst

Not even biometric security will be safe from malicious actors.

We will see the first biometric-access-based exploits using facial recognition or fingerprint access. – Eric Klonowski, sr. advanced threat research analyst

Consumers will want more from governments to keep them safe.

Consumers fighting back: 2018 will see major a major backlash from consumers (perhaps in the form of class action lawsuits), necessitating more regulations around data protection, particularly in the U.S. – David Kennerley, director of threat research

Infosec will become a C-level priority.

The CISO role will be mandatory for all organizations who do business with the Federal Government. – Gary Hayslip, CISO

Being a mobile-first society will come with greater costs.

We will see the first widespread worming mobile phone ransomware, perhaps spread by SMS or MMS. – Eric Klonowski, sr. advanced threat research analyst

Cryptocurrency will continue to rise and impending legislature is inevitable.

GDPR will set a tone, for better or worse, and businesses should prepare on all sides.

Companies who trade with the European Union will suddenly panic over GDPR requirements and just encrypt everything in a knee-jerk response. – Jonathan Giffard, sr. product manager

The boom in the IoT space will bring stricter oversight to device manufacturers.

Data collected from IoT devices will be aggregated and used to develop an even larger, more involved picture of customers’ habits, constituting a major breach of privacy without consent. – Gary Hayslip, CISO

Do you have any cybersecurity predictions for 2018? Share your thoughts with us on Twitter with the tag #CyberIn2018.